search

beeper / mac-registration-provider

A small service that generates iMessage registration data on a Mac
GNU Affero General Public License v3.0
138 stars 29 forks source link

This does not support updated Intel Macs #23

Closed joshuajohncohen closed 9 months ago

joshuajohncohen commented 9 months ago

Intel Macs only support Monterey, so to work on most updated Intel Macs this tool would need to support the latest versions of Monterey.

0xdevalias commented 9 months ago

Intel Macs only support Monterey

That's not true..? My Intel Mac is currently on Ventura, and I can upgrade it to Sonoma as well.

jetfir3 commented 9 months ago

Ventura seems to have cut off support for 2015/2016 (and some 2017) and earlier devices. Any Intel device newer than that could certainly update beyond 12.x. https://support.apple.com/102861

12.7.2 is the current latest Monterey build -- feel free to upload the /System/Library/PrivateFrameworks/IDS.framework/identityservicesd.app/Contents/MacOS/identityservicesd binary somewhere so the offsets can be added.

This situation has pretty much been covered in previously submitted Issues. If a macOS version isn't supported, add the offsets via PR or share the binary so someone else can.

0xdevalias commented 9 months ago

This situation has pretty much been covered in previously submitted Issues. If a macOS version isn't supported, add the offsets via PR or share the binary so someone else can.

I wonder if an update to the README or issue templates or similar might help guide people towards doing that better?

jetfir3 commented 9 months ago

I wonder if an update to the README or issue templates or similar might help guide people towards doing that better?

Certainly something worth considering. Some initial thoughts are:

I'm probably overthinking it :)

joshuajohncohen commented 9 months ago

Here is the binary for 12.7.2:

joshuajohncohen commented 9 months ago

I made a PR in #25

0xdevalias commented 9 months ago

Here is the binary for 12.7.2:

⇒ sha256sum macos-12.7.2-monterey-identityservicesd
01aaa511c5d32c5766256a40b5ae8f42fb49b74074dce5936f315244236f15a0  macos-12.7.2-monterey-identityservicesd

Using my automated script (see https://github.com/beeper/mac-registration-provider/issues/9), this is the output it gave:

⇒ ./find_fat_binary_offsets.py samples/macos-12.7.2-monterey-identityservicesd
-= Universal Binary Sections =-
Architecture 0 (x86_64):
  CPU Type: 16777223 (0x1000007)
  CPU Subtype: 3 (0x3)
  CPU Subtype Capability: 0 (0x0)
  Offset: 0x4000 (Valid Mach-O Header: Yes)
  Size: 7442432
  Align: 14
Architecture 1 (arm64e):
  CPU Type: 16777228 (0x100000c)
  CPU Subtype: 2 (0x2)
  CPU Subtype Capability: 128 (0x80)
  Offset: 0x720000 (Valid Mach-O Header: Yes)
  Size: 8707856
  Align: 14

-= Found Symbol Offsets =-
Offset of _IDSProtoKeyTransparencyTrustedServiceReadFrom in architecture x86_64: 0x0b2278
Offset of _IDSProtoKeyTransparencyTrustedServiceReadFrom in architecture arm64e: 0x0b562c

-= Found Hex Offsets (with pure python fixed sequence search + regex) =-
Architecture 0 (x86_64):
  IDSProtoKeyTransparencyTrustedServiceReadFrom: 0xb2278
  NACInitAddress: 0x4132e0
  NACKeyEstablishmentAddress: 0x465e00
  NACSignAddress: 0x103f47; 0x405c10
Architecture 1 (arm64e):
  IDSProtoKeyTransparencyTrustedServiceReadFrom: 0xb562c; 0x31a038; 0x33203c
  NACInitAddress: 0x43d408
  NACKeyEstablishmentAddress: 0x3fdafc
  NACSignAddress: 0x3f2844

Note that there are multiple offsets listed for some parts, so those would need to be narrowed down further via manual/other methods to get the full proper offsets needed.

jetfir3 commented 9 months ago

Added a PR for 12.7.2 support - https://github.com/beeper/mac-registration-provider/pull/29

Didn't realize until after disassembling that the offsets match the already-existing 12.7.1 offsets, just needed to update the binary hash. :|